

vicoinsane
Members
Content count: 4
vicoinsane's Achievements
Junior Member (3/12)
Community reputation: 0
Complex virus eradication
vicoinsane replied to vicoinsane's topic in Malware analysis and eradication
Apparently not! If there is a problem I'll let you know, thanks a lot.
Complex virus eradication
vicoinsane replied to vicoinsane's topic in Malware analysis and eradication
Here it is. I thought I had eradicated the Digital Protection rogue, but it seems it was still active...
Complex virus eradication
vicoinsane replied to vicoinsane's topic in Malware analysis and eradication
Hi, and thanks for giving me your time. As for the .exe you asked me to analyze, I can't find it, even with hidden files shown... Regarding the two RSIT files: info.txt
(KB973904)-->"C:\WINDOWS\$NtUninstallKB973904$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974112)-->"C:\WINDOWS\$NtUninstallKB974112$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974318)-->"C:\WINDOWS\$NtUninstallKB974318$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974392)-->"C:\WINDOWS\$NtUninstallKB974392$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB974571)-->"C:\WINDOWS\$NtUninstallKB974571$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975025)-->"C:\WINDOWS\$NtUninstallKB975025$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975467)-->"C:\WINDOWS\$NtUninstallKB975467$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975560)-->"C:\WINDOWS\$NtUninstallKB975560$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975561)-->"C:\WINDOWS\$NtUninstallKB975561$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB975713)-->"C:\WINDOWS\$NtUninstallKB975713$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977816)-->"C:\WINDOWS\$NtUninstallKB977816$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB977914)-->"C:\WINDOWS\$NtUninstallKB977914$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978037)-->"C:\WINDOWS\$NtUninstallKB978037$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978262)-->"C:\WINDOWS\$NtUninstallKB978262$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978338)-->"C:\WINDOWS\$NtUninstallKB978338$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978542)-->"C:\WINDOWS\$NtUninstallKB978542$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978601)-->"C:\WINDOWS\$NtUninstallKB978601$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB978706)-->"C:\WINDOWS\$NtUninstallKB978706$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP 
(KB979309)-->"C:\WINDOWS\$NtUninstallKB979309$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB979683)-->"C:\WINDOWS\$NtUninstallKB979683$\spuninst\spuninst.exe" Mise à jour de sécurité pour Windows XP (KB980232)-->"C:\WINDOWS\$NtUninstallKB980232$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB913800)-->"C:\WINDOWS\$NtUninstallKB913800$\spuninst\spuninst.exe" Mise à jour pour Lecteur Windows Media 10 (KB926251)-->"C:\WINDOWS\$NtUninstallKB926251$\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB976662)-->"C:\WINDOWS\ie8updates\KB976662-IE8\spuninst\spuninst.exe" Mise à jour pour Windows Internet Explorer 8 (KB980182)-->"C:\WINDOWS\ie8updates\KB980182-IE8\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB951978)-->"C:\WINDOWS\$NtUninstallKB951978$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB955759)-->"C:\WINDOWS\$NtUninstallKB955759$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB961503)-->"C:\WINDOWS\$NtUninstallKB961503$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB967715)-->"C:\WINDOWS\$NtUninstallKB967715$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB968389)-->"C:\WINDOWS\$NtUninstallKB968389$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB971737)-->"C:\WINDOWS\$NtUninstallKB971737$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973687)-->"C:\WINDOWS\$NtUninstallKB973687$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB973815)-->"C:\WINDOWS\$NtUninstallKB973815$\spuninst\spuninst.exe" Mise à jour pour Windows XP (KB980182)-->"C:\WINDOWS\$NtUninstallKB980182$\spuninst\spuninst.exe" MSVCRT-->MsiExec.exe /I{22B775E7-6C42-4FC5-8E10-9A5E3257BD94} MSXML 4.0 SP2 (KB954430)-->MsiExec.exe /I{86493ADD-824D-4B8E-BD72-8C5DCDC52A71} MSXML 4.0 SP2 (KB973688)-->MsiExec.exe /I{F662A8E6-F4DC-41A2-901E-8C11F044BDEC} muvee autoProducer 4.5-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield 
Installation Information\{E073D315-3C54-44BF-A1B2-B5583AEA618C}\setup.exe" -l0x40c muvee autoProducer unPlugged 1.2-->RunDll32 C:\PROGRA~1\FICHIE~1\INSTAL~1\PROFES~1\RunTime\0701\Intel32\Ctor.dll,LaunchSetup "C:\Program Files\InstallShield Installation Information\{35DD9A1D-B340-4F41-A8B0-6EEBFB119280}\setup.exe" -l0x40c Nero 8-->MsiExec.exe /X{D6C9AF27-9414-46C8-B9D8-D878BA041036} neroxml-->MsiExec.exe /I{56C049BE-79E9-4502-BEA7-9754A3E60F9B} NVIDIA Drivers-->C:\WINDOWS\system32\nvudisp.exe UninstallGUI Otto-->"C:\Program Files\FrenchOtto\uninstallotto.exe" Outil de téléchargement Windows Live-->MsiExec.exe /I{205C6BDD-7B73-42DE-8505-9A093F35A238} PS2-->C:\WINDOWS\system32\ps2.exe uninstall Python 2.2 pywin32 extensions (build 203)-->"C:\Python22\Removepywin32.exe" -u "C:\Python22\pywin32-wininst.log" Python 2.2.3-->C:\Python22\UNWISE.EXE C:\Python22\INSTALL.LOG RealPlayer-->C:\Program Files\Fichiers communs\Real\Update_OB\r1puninst.exe RealNetworks|RealPlayer|6.0 Security Update for CAPICOM (KB931906)-->MsiExec.exe /I{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Security Update for CAPICOM (KB931906)-->MsiExec.exe /X{0EFDF2F9-836D-4EB7-A32D-038BD3F1FB2A} Segoe UI-->MsiExec.exe /I{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7} Services Internet-->C:\PROGRA~1\FICHIE~1\INSTAL~1\Driver\1050\INTEL3~1\IDriver.exe /M{5CFD7508-7774-48FE-8280-7A3C0AE71755} /l1036 Sonic Express Labeler-->MsiExec.exe /X{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA} Sonic MyDVD Plus-->MsiExec.exe /X{21657574-BD54-48A2-9450-EB03B2C7FC29} Sonic RecordNow Audio-->MsiExec.exe /X{AB708C9B-97C8-4AC9-899B-DBF226AC9382} Sonic RecordNow Copy-->MsiExec.exe /X{B12665F4-4E93-4AB4-B7FC-37053B524629} Sonic RecordNow Data-->MsiExec.exe /X{075473F5-846A-448B-BCB3-104AA1760205} Sonic Update Manager-->MsiExec.exe /X{30465B6C-B53F-49A1-9EBA-A3F187AD502E} SUPERAntiSpyware-->"C:\Program Files\SUPERAntiSpyware\SASUNINST.EXE" /NOUI Update for Windows XP (KB953356)-->"C:\WINDOWS\$NtUninstallKB953356$\spuninst\spuninst.exe" 
VCRedistSetup-->MsiExec.exe /I{3921A67A-5AB1-4E48-9444-C71814CF3027} Windows Live Call-->MsiExec.exe /I{B3B487E7-6171-4376-9074-B28082CEB504} Windows Live Communications Platform-->MsiExec.exe /I{3175E049-F9A9-4A3D-8F19-AC9FB04514D1} Windows Live Messenger-->MsiExec.exe /X{445B183D-F4F1-45C8-B9DB-F11355CA657B} Windows Media Format Runtime-->"C:\Program Files\Windows Media Player\wmsetsdk.exe" /UninstallAll Windows XP Media Center Edition 2005 KB908250-->"C:\WINDOWS\$NtUninstallKB908250$\spuninst\spuninst.exe" Windows XP Media Center Edition 2005 KB973768-->"C:\WINDOWS\$NtUninstallKB973768$\spuninst\spuninst.exe" Windows XP Service Pack 3-->"C:\WINDOWS\$NtServicePackUninstall$\spuninst\spuninst.exe" ======Security center information====== AV: AntiVir Desktop (disabled) ======System event log====== Computer Name: NOM-FB9B15D2723 Event Code: 7036 Message: Le service NLA (Network Location Awareness) est entré dans l'état : en cours d'exécution. Record Number: 1130 Source Name: Service Control Manager Time Written: 20100514182212.000000+120 Event Type: Informations User: Computer Name: NOM-FB9B15D2723 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service NLA (Network Location Awareness). Record Number: 1129 Source Name: Service Control Manager Time Written: 20100514182212.000000+120 Event Type: Informations User: AUTORITE NT\SYSTEM Computer Name: NOM-FB9B15D2723 Event Code: 7036 Message: Le service Pml Driver HPZ12 est entré dans l'état : en cours d'exécution. Record Number: 1128 Source Name: Service Control Manager Time Written: 20100514182212.000000+120 Event Type: Informations User: Computer Name: NOM-FB9B15D2723 Event Code: 7035 Message: Un contrôle Démarrer a correctement été envoyé au service Pml Driver HPZ12. 
Record Number: 1127
Source Name: Service Control Manager
Time Written: 20100514182212.000000+120
Event Type: Informations
User: NOM-FB9B15D2723\HP_Administrateur

Computer Name: NOM-FB9B15D2723
Event Code: 7036
Message: Le service Application système COM+ est entré dans l'état : en cours d'exécution.
Record Number: 1126
Source Name: Service Control Manager
Time Written: 20100514182212.000000+120
Event Type: Informations
User:

=====Application event log=====

Computer Name: NOM-FB9B15D2723
Event Code: 37
Message:
Record Number: 142
Source Name: NSCService
Time Written: 20100506185632.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NOM-FB9B15D2723
Event Code: 36
Message:
Record Number: 141
Source Name: NSCService
Time Written: 20100506185631.000000+120
Event Type: Informations
User: AUTORITE NT\SYSTEM

Computer Name: NOM-FB9B15D2723
Event Code: 1800
Message: Le service Centre de sécurité Windows a démarré.
Record Number: 140
Source Name: SecurityCenter
Time Written: 20100506185629.000000+120
Event Type: Informations
User:

Computer Name: NOM-FB9B15D2723
Event Code: 11724
Message: Product: Norton AntiSpam -- Removal completed successfully.
Record Number: 139
Source Name: MsiInstaller
Time Written: 20100506185624.000000+120
Event Type: Informations
User: NOM-FB9B15D2723\HP_Administrateur

Computer Name: NOM-FB9B15D2723
Event Code: 11724
Message: Produit : Norton Internet Security -- Removal completed successfully.
Record Number: 138
Source Name: MsiInstaller
Time Written: 20100506185611.000000+120
Event Type: Informations
User: NOM-FB9B15D2723\HP_Administrateur

======Environment variables======

"ComSpec"=%SystemRoot%\system32\cmd.exe
"Path"=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;c:\Python22
"windir"=%SystemRoot%
"FP_NO_HOST_CHECK"=NO
"OS"=Windows_NT
"PROCESSOR_ARCHITECTURE"=x86
"PROCESSOR_LEVEL"=15
"PROCESSOR_IDENTIFIER"=x86 Family 15 Model 47 Stepping 2, AuthenticAMD
"PROCESSOR_REVISION"=2f02
"NUMBER_OF_PROCESSORS"=1
"PATHEXT"=.COM;.EXE;.BAT;.CMD;.VBS;.VBE;.JS;.JSE;.WSF;.WSH
"TEMP"=%SystemRoot%\TEMP
"TMP"=%SystemRoot%\TEMP
"SonicCentral"=c:\Program Files\Fichiers communs\Sonic Shared\Sonic Central\

-----------------EOF-----------------

Logfile of random's system information tool 1.07 (written by random/random)
Run by HP_Administrateur at 2010-05-30 21:26:41
Microsoft Windows XP Professionnel Service Pack 3
System drive C: has 29 GB (16%) free of 184 GB
Total RAM: 1022 MB (39% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 21:26:47, on 30/05/2010
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Avira\AntiVir Desktop\sched.exe
C:\Program Files\Avira\AntiVir Desktop\avguard.exe
C:\WINDOWS\arservice.exe
C:\WINDOWS\eHome\ehRecvr.exe
C:\WINDOWS\eHome\ehSched.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
C:\WINDOWS\system32\nvsvc32.exe
C:\WINDOWS\system32\IoctlSvc.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\dllhost.exe
C:\WINDOWS\system32\wbem\wmiapsrv.exe
C:\WINDOWS\ehome\ehtray.exe
C:\WINDOWS\ARPWRMSG.EXE
C:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe
C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe
C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
C:\WINDOWS\system32\rundll32.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe
C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
C:\WINDOWS\eHome\ehmsas.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
C:\WINDOWS\System32\svchost.exe
c:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\WINDOWS\system32\wuauclt.exe
C:\HP\KBD\KBD.EXE
C:\WINDOWS\ALCXMNTR.EXE
c:\windows\system\hpsysdrv.exe
C:\WINDOWS\system32\SNDVOL32.EXE
C:\Program Files\Windows Live\Messenger\msnmsgr.exe
C:\Program Files\Windows Live\Contacts\wlcomm.exe
C:\WINDOWS\system32\wscntfy.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\Program Files\Internet Explorer\iexplore.exe
C:\WINDOWS\system32\NOTEPAD.EXE
C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Mes documents\Downloads\RSIT.exe
C:\Program Files\trend micro\HP_Administrateur.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://google.fr/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Liens
O2 - BHO: AcroIEHlprObj Class - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll
O2 - BHO: Java Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O4 - HKLM\..\Run: [ehTray] C:\WINDOWS\ehome\ehtray.exe
O4 - HKLM\..\Run: [ftutil2] rundll32.exe ftutil2.dll,SetWriteCacheMode
O4 - HKLM\..\Run: [AlwaysReady Power Message APP] ARPWRMSG.EXE
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\WINDOWS\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [nwiz] nwiz.exe /installquiet /keeploaded /nodetect
O4 - HKLM\..\Run: [HPHUPD08] c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe
O4 - HKLM\..\Run: [DMAScheduler] c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe
O4 - HKLM\..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE
O4 - HKLM\..\Run: [HPBootOp] "C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe" /run
O4 - HKLM\..\Run: [Reminder] "C:\Windows\Creator\Remind_XP.exe"
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPwuSchd2.exe
O4 - HKLM\..\Run: [TkBellExe] "C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe" -osboot
O4 - HKLM\..\Run: [sunJavaUpdateSched] "C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NBKeyScan] "C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe"
O4 - HKLM\..\Run: [avgnt] "C:\Program Files\Avira\AntiVir Desktop\avgnt.exe" /min
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [MSConfig] C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\vgogev.exe \u
O4 - HKCU\..\Run: [indxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe" ASO-616B5711-6DAE-4795-A05F-39A1E5104020
O4 - HKCU\..\Run: [sUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - HKUS\S-1-5-19\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE LOCAL')
O4 - HKUS\S-1-5-20\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SERVICE RÉSEAU')
O4 - .DEFAULT User Startup: Pin.lnk = C:\hp\bin\CLOAKER.EXE (User 'Default user')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra 'Tools' menuitem: Aide à la connexion - {E2D4D26B-0180-43a4-B05F-462D6D54C789} - C:\WINDOWS\PCHEALTH\HELPCTR\Vendors\CN=Hewlett-Packard,L=Cupertino,S=Ca,C=US\IEButton\support.htm
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O20 - Winlogon Notify: !SASWinLogon - C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL
O22 - SharedTaskScheduler: Pré-chargeur Browseui - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Démon de cache des catégories de composant - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: Avira AntiVir Planificateur (AntiVirSchedulerService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\sched.exe
O23 - Service: Avira AntiVir Guard (AntiVirService) - Avira GmbH - C:\Program Files\Avira\AntiVir Desktop\avguard.exe
O23 - Service: Service d'administration du Gestionnaire de disque logique (dmadmin) - Unknown owner - C:\WINDOWS\System32\dmadmin.exe
O23 - Service: Service de planification Media Center (ehSched) - Unknown owner - C:\WINDOWS\eHome\ehSched.exe
O23 - Service: Journal des événements (Eventlog) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Fax - Unknown owner - C:\WINDOWS\system32\fxssvc.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe
O23 - Service: Service COM de gravage de CD IMAPI (ImapiService) - Unknown owner - C:\WINDOWS\system32\imapi.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe
O23 - Service: Partage de Bureau à distance NetMeeting (mnmsrvc) - Unknown owner - C:\WINDOWS\system32\mnmsrvc.exe
O23 - Service: Nero BackItUp Scheduler 3 - Nero AG - C:\Program Files\Nero\Nero8\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (NVSvc) - NVIDIA Corporation - C:\WINDOWS\system32\nvsvc32.exe
O23 - Service: PLFlash DeviceIoControl Service - Prolific Technology Inc. - C:\WINDOWS\system32\IoctlSvc.exe
O23 - Service: Plug-and-Play (PlugPlay) - Unknown owner - C:\WINDOWS\system32\services.exe
O23 - Service: Gestionnaire de session d'aide sur le Bureau à distance (RDSessMgr) - Unknown owner - C:\WINDOWS\system32\sessmgr.exe
O23 - Service: Carte à puce (SCardSvr) - Unknown owner - C:\WINDOWS\System32\SCardSvr.exe
O23 - Service: Journaux et alertes de performance (SysmonLog) - Unknown owner - C:\WINDOWS\system32\smlogsvc.exe
O23 - Service: Cliché instantané de volume (VSS) - Unknown owner - C:\WINDOWS\System32\vssvc.exe
O23 - Service: Carte de performance WMI (WmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\wmiapsrv.exe

--
End of file - 9416 bytes

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{06849E9F-C8D7-4D59-B87D-784B7D6BE0B3}]
AcroIEHlprObj Class - C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14 63136]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-05-24 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-05-24 79648]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ehTray"=C:\WINDOWS\ehome\ehtray.exe [2005-08-05 64512]
"ftutil2"=ftutil2.dll,SetWriteCacheMode []
"AlwaysReady Power Message APP"=C:\WINDOWS\ARPWRMSG.EXE [2005-08-03 77312]
"NvCplDaemon"=C:\WINDOWS\system32\NvCpl.dll [2005-12-14 7323648]
"nwiz"=nwiz.exe /installquiet /keeploaded /nodetect []
"HPHUPD08"=c:\Program Files\HP\Digital Imaging\{33D6CC28-9F75-4d1b-A11D-98895B3A3729}\hphupd08.exe [2005-06-02 49152]
"DMAScheduler"=c:\Program Files\Sonic\DigitalMedia Plus\DigitalMedia Archive\DMAScheduler.exe [2005-11-01 90112]
"Recguard"=C:\WINDOWS\SMINST\RECGUARD.EXE [2005-07-22 237568]
"PCDrProfiler"= []
"HPBootOp"=C:\Program Files\Hewlett-Packard\HP Boot Optimizer\HPBootOp.exe [2005-11-10 249856]
"Reminder"=C:\Windows\Creator\Remind_XP.exe [2004-12-14 663552]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPwuSchd2.exe [2005-05-12 49152]
"TkBellExe"=C:\Program Files\Fichiers communs\Real\Update_OB\realsched.exe [2005-01-01 180269]
"SunJavaUpdateSched"=C:\Program Files\Fichiers communs\Java\Java Update\jusched.exe [2010-02-18 248040]
"NeroFilterCheck"=C:\Program Files\Fichiers communs\Nero\Lib\NeroCheck.exe [2008-06-19 570664]
"NBKeyScan"=C:\Program Files\Nero\Nero8\Nero BackItUp\NBKeyScan.exe [2008-06-08 2221352]
"avgnt"=C:\Program Files\Avira\AntiVir Desktop\avgnt.exe [2009-03-02 209153]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"MSConfig"=C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\vgogev.exe \u []
"IndxStoreSvr_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Fichiers communs\Nero\Lib\NMIndexStoreSvr.exe [2008-06-24 1840424]
"SUPERAntiSpyware"=C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2010-05-18 2397424]

C:\Documents and Settings\All Users\Menu Démarrer\Programmes\Démarrage
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\!SASWinLogon]
C:\Program Files\SUPERAntiSpyware\SASWINLO.DLL [2009-09-04 548352]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"=C:\Program Files\SUPERAntiSpyware\SASSEH.DLL [2008-05-13 77824]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\fqennwla.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\wycvphoq.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\fqennwla.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\wycvphoq.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"InstallVisualStyle"=C:\WINDOWS\Resources\Themes\Royale\Royale.msstyles
"InstallTheme"=C:\WINDOWS\Resources\Themes\Royale.theme

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe:*:Enabled:hpqtra08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe:*:Enabled:hpqste08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe"="C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe:*:Enabled:hpofxm08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe"="C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe:*:Enabled:hposfx08.exe"
"C:\Program Files\HP\Digital Imaging\bin\hposid01.exe"="C:\Program Files\HP\Digital Imaging\bin\hposid01.exe:*:Enabled:hposid01.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqscnvw.exe:*:Enabled:hpqscnvw.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe:*:Enabled:hpqkygrp.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpqCopy.exe:*:Enabled:hpqcopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe"="C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe:*:Enabled:hpfccopy.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe:*:Enabled:hpzwiz01.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqPhUnl.exe:*:Enabled:hpqphunl.exe"
"C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe"="C:\Program Files\HP\Digital Imaging\Unload\HpqDIA.exe:*:Enabled:hpqdia.exe"
"C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe"="C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe:*:Enabled:hpoews01.exe"
"C:\Program Files\AOL 9.0\waol.exe"="C:\Program Files\AOL 9.0\waol.exe:*:Enabled:AOL France"
"C:\Program Files\Messenger\msmsgs.exe"="C:\Program Files\Messenger\msmsgs.exe:*:Enabled:Windows Messenger"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"
"C:\Program Files\uTorrent\uTorrent.exe"="C:\Program Files\uTorrent\uTorrent.exe:*:Enabled:µTorrent"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe"="C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger"

======List of files/folders created in the last 1 months======
2010-05-06 08:43:16 ----A---- C:\WINDOWS\005776_.tmp 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eapsvc.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eapqec.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eappprxy.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eapphost.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eappgnui.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eappcfg.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eapp3hst.dll 2010-05-06 08:43:15 ----N---- C:\WINDOWS\system32\eapolqec.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3ui.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3svc.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3msm.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3gpclnt.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3dlg.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3cfg.dll 2010-05-06 08:43:14 ----N---- C:\WINDOWS\system32\dot3api.dll 2010-05-06 08:43:13 ----N---- C:\WINDOWS\system32\dimsroam.dll 2010-05-06 08:43:13 ----N---- C:\WINDOWS\system32\dimsntfy.dll 2010-05-06 08:43:13 ----N---- C:\WINDOWS\system32\dhcpqec.dll 2010-05-06 08:43:12 ----N---- C:\WINDOWS\system32\credssp.dll 2010-05-06 08:43:09 ----N---- C:\WINDOWS\system32\bitsprx4.dll 2010-05-06 08:43:09 ----N---- C:\WINDOWS\system32\azroles.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ativvaxx.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ativtmxx.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ati3duag.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ati3d1ag.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ati2dvag.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ati2dvaa.dll 2010-05-06 08:43:08 ----N---- C:\WINDOWS\system32\ati2cqag.dll 2010-05-06 08:43:06 ----N---- C:\WINDOWS\system32\aaclient.dll 2010-05-06 08:41:35 ----D---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\Adobe 2010-05-05 
19:56:46 ----HDC---- C:\WINDOWS\$NtUninstallKB981350$ 2010-05-05 19:47:13 ----HDC---- C:\WINDOWS\$NtUninstallKB980182$ 2010-05-05 19:19:09 ----N---- C:\WINDOWS\system32\browserchoice.exe 2010-05-05 19:17:37 ----N---- C:\WINDOWS\system32\tzchange.exe 2010-05-05 19:17:09 ----D---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\Macromedia 2010-05-05 12:57:20 ----D---- C:\WINDOWS\system32\PreInstall 2010-05-05 12:54:23 ----RSHD---- C:\cmdcons 2010-05-05 12:53:59 ----D---- C:\WINDOWS\setupupd 2010-05-05 12:36:14 ----D---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\Malwarebytes 2010-05-05 12:07:05 ----RSHD---- C:\WINDOWS\system32\dllcache 2010-05-05 04:33:34 ----ASH---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\desktop.ini 2010-05-05 04:33:28 ----SD---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\Microsoft 2010-05-05 04:33:28 ----D---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\Real 2010-05-05 04:33:28 ----D---- C:\Documents and Settings\HP_Administrateur.NOM-FB9B15D2723.003\Application Data\Identities 2010-05-05 04:32:00 ----D---- C:\WINDOWS\system32\SoftwareDistribution 2010-05-02 02:46:56 ----A---- C:\rapport.txt 2010-05-02 00:26:12 ----D---- C:\Program Files\Malwarebytes' Anti-Malware 2010-05-02 00:26:12 ----D---- C:\Documents and Settings\All Users\Application Data\Malwarebytes 2010-05-02 00:20:11 ----A---- C:\WINDOWS\ntbtlog.txt ======List of files/folders modified in the last 1 months====== 2010-05-30 21:26:42 ----RD---- C:\Program Files 2010-05-30 21:25:59 ----A---- C:\WINDOWS\NeroDigital.ini 2010-05-30 20:03:29 ----AD---- C:\WINDOWS\Temp 2010-05-30 20:01:01 ----HD---- C:\WINDOWS\inf 2010-05-30 20:00:34 ----D---- C:\WINDOWS\system32\CatRoot2 2010-05-30 20:00:33 ----AD---- C:\WINDOWS 2010-05-30 19:58:56 ----D---- C:\WINDOWS\Registration 2010-05-30 19:58:31 ----A---- 
C:\WINDOWS\SchedLgU.Txt 2010-05-30 14:49:42 ----D---- C:\WINDOWS\system32\CatRoot 2010-05-30 04:19:37 ----D---- C:\Program Files\PokerStars 2010-05-30 04:08:34 ----D---- C:\Program Files\Spybot - Search & Destroy 2010-05-30 04:08:31 ----D---- C:\Documents and Settings\All Users\Application Data\Spybot - Search & Destroy 2010-05-30 04:08:19 ----A---- C:\WINDOWS\win.ini 2010-05-30 04:08:10 ----D---- C:\Program Files\Everest Poker 2010-05-30 04:00:10 ----D---- C:\WINDOWS\system32 2010-05-30 03:54:30 ----SHD---- C:\WINDOWS\Installer 2010-05-30 03:45:46 ----HD---- C:\Config.Msi 2010-05-30 03:45:29 ----D---- C:\WINDOWS\system32\drivers 2010-05-30 03:22:09 ----SD---- C:\WINDOWS\Tasks 2010-05-29 12:08:14 ----A---- C:\WINDOWS\cdplayer.ini 2010-05-29 03:48:19 ----HDC---- C:\WINDOWS\$NtUninstallKB933729$ 2010-05-29 02:09:15 ----D---- C:\WINDOWS\WinSxS 2010-05-29 02:05:30 ----D---- C:\Program Files\Messenger 2010-05-27 20:33:07 ----D---- C:\WINDOWS\system32\DirectX 2010-05-27 19:43:34 ----A---- C:\WINDOWS\Opera.INI 2010-05-27 19:21:24 ----D---- C:\Program Files\WinRAR 2010-05-25 14:30:33 ----D---- C:\Program Files\uTorrent 2010-05-24 21:42:15 ----D---- C:\Program Files\Fichiers communs\Java 2010-05-22 19:16:29 ----D---- C:\WINDOWS\system32\FxsTmp 2010-05-22 06:38:22 ----HDC---- C:\WINDOWS\$NtUninstallKB926255$ 2010-05-22 05:41:33 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9$ 2010-05-22 05:41:31 ----HDC---- C:\WINDOWS\$NtUninstallKB969947$ 2010-05-22 03:16:09 ----SHD---- C:\System Volume Information 2010-05-21 22:01:10 ----A---- C:\WINDOWS\WORDPAD.INI 2010-05-19 09:10:29 ----AD---- C:\WINDOWS\CREATOR 2010-05-12 10:02:44 ----D---- C:\Program Files\Outlook Express 2010-05-12 08:23:25 ----HD---- C:\WINDOWS\$hf_mig$ 2010-05-07 20:51:08 ----A---- C:\WINDOWS\imsins.BAK 2010-05-07 20:51:04 ----HDC---- C:\WINDOWS\$NtUninstallKB956744$ 2010-05-07 20:50:41 ----HDC---- C:\WINDOWS\$NtUninstallKB951978$ 2010-05-07 20:48:36 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI 2010-05-07 
20:43:13 ----D---- C:\WINDOWS\system32\wbem 2010-05-07 20:43:13 ----D---- C:\WINDOWS\AppPatch 2010-05-07 20:23:36 ----A---- C:\WINDOWS\OEWABLog.txt 2010-05-07 20:23:04 ----A---- C:\WINDOWS\setuplog.txt 2010-05-07 20:22:43 ----D---- C:\WINDOWS\system32\Setup 2010-05-07 20:22:41 ----RSD---- C:\WINDOWS\Fonts 2010-05-07 20:21:53 ----D---- C:\WINDOWS\security 2010-05-07 19:34:23 ----D---- C:\WINDOWS\system32\inetsrv 2010-05-07 19:34:22 ----D---- C:\WINDOWS\ime 2010-05-07 19:34:22 ----D---- C:\WINDOWS\Help 2010-05-07 19:34:01 ----D---- C:\WINDOWS\system32\usmt 2010-05-07 19:33:59 ----D---- C:\Program Files\Internet Explorer 2010-05-07 19:33:58 ----D---- C:\WINDOWS\PeerNet 2010-05-07 19:33:58 ----D---- C:\Program Files\Movie Maker 2010-05-07 19:33:25 ----D---- C:\WINDOWS\system32\Restore 2010-05-07 19:33:25 ----D---- C:\WINDOWS\system32\npp 2010-05-07 19:33:24 ----D---- C:\WINDOWS\msagent 2010-05-07 19:33:22 ----D---- C:\WINDOWS\srchasst 2010-05-07 19:33:20 ----D---- C:\Program Files\NetMeeting 2010-05-07 19:33:18 ----D---- C:\WINDOWS\system32\Com 2010-05-07 19:33:14 ----D---- C:\Program Files\Windows NT 2010-05-07 19:33:10 ----D---- C:\Program Files\Fichiers communs\System 2010-05-07 19:32:46 ----D---- C:\WINDOWS\system32\oobe 2010-05-07 19:32:38 ----D---- C:\WINDOWS\system 2010-05-07 19:26:59 ----D---- C:\WINDOWS\system32\ReinstallBackups 2010-05-07 19:26:46 ----HDC---- C:\WINDOWS\$NtServicePackUninstall$ 2010-05-07 19:21:09 ----AD---- C:\WINDOWS\ehome 2010-05-06 19:26:15 ----D---- C:\Program Files\Fichiers communs\Symantec Shared 2010-05-06 19:26:15 ----D---- C:\Documents and Settings\All Users\Application Data\Symantec 2010-05-06 19:21:02 ----HDC---- C:\WINDOWS\ie8 2010-05-06 19:00:29 ----SHD---- C:\RECYCLER 2010-05-06 18:56:42 ----D---- C:\Program Files\Fichiers communs 2010-05-06 09:26:47 ----HDC---- C:\WINDOWS\$NtUninstallKB970430$ 2010-05-06 09:26:41 ----D---- C:\Program Files\Windows Media Player 2010-05-06 09:26:39 ----HDC---- C:\WINDOWS\$NtUninstallKB926251$ 
2010-05-06 09:26:09 ----HDC---- C:\WINDOWS\$NtUninstallKB971737$ 2010-05-06 08:30:12 ----HD---- C:\hp 2010-05-05 20:00:02 ----HDC---- C:\WINDOWS\$NtUninstallKB899587$ 2010-05-05 19:59:52 ----HDC---- C:\WINDOWS\$NtUninstallKB927779$ 2010-05-05 19:59:40 ----HDC---- C:\WINDOWS\$NtUninstallKB978262$ 2010-05-05 19:59:31 ----HDC---- C:\WINDOWS\$NtUninstallKB951376-v2$ 2010-05-05 19:59:23 ----HDC---- C:\WINDOWS\$NtUninstallKB927802$ 2010-05-05 19:59:13 ----HDC---- C:\WINDOWS\$NtUninstallKB952954$ 2010-05-05 19:59:04 ----HDC---- C:\WINDOWS\$NtUninstallKB959426$ 2010-05-05 19:58:53 ----HDC---- C:\WINDOWS\$NtUninstallKB943460$ 2010-05-05 19:58:45 ----HDC---- C:\WINDOWS\$NtUninstallKB946648$ 2010-05-05 19:58:35 ----HDC---- C:\WINDOWS\$NtUninstallKB956803$ 2010-05-05 19:58:24 ----HDC---- C:\WINDOWS\$NtUninstallKB960859$ 2010-05-05 19:58:15 ----HDC---- C:\WINDOWS\$NtUninstallKB971468$ 2010-05-05 19:58:03 ----HDC---- C:\WINDOWS\$NtUninstallKB979683_0$ 2010-05-05 19:57:52 ----HDC---- C:\WINDOWS\$NtUninstallKB928255$ 2010-05-05 19:57:42 ----HDC---- C:\WINDOWS\$NtUninstallKB911927$ 2010-05-05 19:57:26 ----HDC---- C:\WINDOWS\$NtUninstallKB901017$ 2010-05-05 19:57:16 ----HDC---- C:\WINDOWS\$NtUninstallKB954155_WM9$ 2010-05-05 19:57:11 ----HDC---- C:\WINDOWS\$NtUninstallKB899591$ 2010-05-05 19:57:01 ----HDC---- C:\WINDOWS\$NtUninstallKB923723$ 2010-05-05 19:56:55 ----HDC---- C:\WINDOWS\$NtUninstallKB980232_0$ 2010-05-05 19:56:41 ----HDC---- C:\WINDOWS\$NtUninstallKB893756$ 2010-05-05 19:56:29 ----HDC---- C:\WINDOWS\$NtUninstallKB923980$ 2010-05-05 19:56:21 ----HDC---- C:\WINDOWS\$NtUninstallKB911280$ 2010-05-05 19:56:10 ----HDC---- C:\WINDOWS\$NtUninstallKB911562$ 2010-05-05 19:56:01 ----HDC---- C:\WINDOWS\$NtUninstallKB938828$ 2010-05-05 19:55:51 ----HDC---- C:\WINDOWS\$NtUninstallKB924667$ 2010-05-05 19:55:43 ----HDC---- C:\WINDOWS\$NtUninstallKB955759$ 2010-05-05 19:55:34 ----HDC---- C:\WINDOWS\$NtUninstallKB896423$ 2010-05-05 19:55:24 ----HDC---- C:\WINDOWS\$NtUninstallKB900485$ 
2010-05-05 19:55:14 ----HDC---- C:\WINDOWS\$NtUninstallKB924270$ 2010-05-05 19:55:04 ----HDC---- C:\WINDOWS\$NtUninstallKB931261$ 2010-05-05 19:54:53 ----HDC---- C:\WINDOWS\$NtUninstallKB974318$ 2010-05-05 19:54:44 ----HDC---- C:\WINDOWS\$NtUninstallKB969059$ 2010-05-05 19:54:35 ----HDC---- C:\WINDOWS\$NtUninstallKB924496$ 2010-05-05 19:54:25 ----HDC---- C:\WINDOWS\$NtUninstallKB961503$ 2010-05-05 19:54:15 ----HDC---- C:\WINDOWS\$NtUninstallKB927891$ 2010-05-05 19:54:06 ----HDC---- C:\WINDOWS\$NtUninstallKB950974$ 2010-05-05 19:53:56 ----HDC---- C:\WINDOWS\$NtUninstallKB978037$ 2010-05-05 19:53:48 ----HDC---- C:\WINDOWS\$NtUninstallKB975713$ 2010-05-05 19:53:39 ----HDC---- C:\WINDOWS\$NtUninstallKB971657$ 2010-05-05 19:53:28 ----HDC---- C:\WINDOWS\$NtUninstallKB978338_0$ 2010-05-05 19:53:19 ----HDC---- C:\WINDOWS\$NtUninstallKB946026$ 2010-05-05 19:53:09 ----HDC---- C:\WINDOWS\$NtUninstallKB960225$ 2010-05-05 19:53:02 ----HDC---- C:\WINDOWS\$NtUninstallKB972270$ 2010-05-05 19:52:52 ----HDC---- C:\WINDOWS\$NtUninstallKB925398_WMP64$ 2010-05-05 19:52:40 ----HDC---- C:\WINDOWS\$NtUninstallKB974112$ 2010-05-05 19:52:27 ----HDC---- C:\WINDOWS\$NtUninstallKB956572$ 2010-05-05 19:52:09 ----HDC---- C:\WINDOWS\$NtUninstallKB910437$ 2010-05-05 19:51:58 ----HDC---- C:\WINDOWS\$NtUninstallKB956844$ 2010-05-05 19:51:51 ----HDC---- C:\WINDOWS\$NtUninstallKB961501$ 2010-05-05 19:51:45 ----HDC---- C:\WINDOWS\$NtUninstallKB968816_WM9$ 2010-05-05 19:51:36 ----HDC---- C:\WINDOWS\$NtUninstallKB975561$ 2010-05-05 19:51:27 ----HDC---- C:\WINDOWS\$NtUninstallKB952069_WM9$ 2010-05-05 19:51:21 ----HDC---- C:\WINDOWS\$NtUninstallKB973869$ 2010-05-05 19:51:08 ----HDC---- C:\WINDOWS\$NtUninstallKB925902$ 2010-05-05 19:50:59 ----HDC---- C:\WINDOWS\$NtUninstallKB975025$ 2010-05-05 19:50:48 ----HDC---- C:\WINDOWS\$NtUninstallKB913800$ 2010-05-05 19:50:27 ----HDC---- C:\WINDOWS\$NtUninstallKB929123$ 2010-05-05 19:50:16 ----HDC---- C:\WINDOWS\$NtUninstallKB973540_WM9L$ 2010-05-05 19:50:08 
----HDC---- C:\WINDOWS\$NtUninstallKB920670$ 2010-05-05 19:49:58 ----HDC---- C:\WINDOWS\$NtUninstallKB952004$ 2010-05-05 19:49:47 ----HDC---- C:\WINDOWS\$NtUninstallKB974571$ 2010-05-05 19:49:38 ----HDC---- C:\WINDOWS\$NtUninstallKB918439$ 2010-05-05 19:49:30 ----HDC---- C:\WINDOWS\$NtUninstallKB975560$ 2010-05-05 19:49:17 ----HDC---- C:\WINDOWS\$NtUninstallKB890046$ 2010-05-05 19:49:08 ----HDC---- C:\WINDOWS\$NtUninstallKB926436$ 2010-05-05 19:49:00 ----HDC---- C:\WINDOWS\$NtUninstallKB973507$ 2010-05-05 19:48:49 ----HDC---- C:\WINDOWS\$NtUninstallKB920872$ 2010-05-05 19:48:39 ----HDC---- C:\WINDOWS\$NtUninstallKB930178$ 2010-05-05 19:48:32 ----HDC---- C:\WINDOWS\$NtUninstallKB941569$ 2010-05-05 19:48:21 ----HDC---- C:\WINDOWS\$NtUninstallKB914388$ 2010-05-05 19:48:10 ----HDC---- C:\WINDOWS\$NtUninstallKB977816$ 2010-05-05 19:48:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973687$ 2010-05-05 19:47:52 ----HDC---- C:\WINDOWS\$NtUninstallKB905414$ 2010-05-05 19:47:41 ----HDC---- C:\WINDOWS\$NtUninstallKB950762$ 2010-05-05 19:47:03 ----HDC---- C:\WINDOWS\$NtUninstallKB978601_0$ 2010-05-05 19:46:53 ----HDC---- C:\WINDOWS\$NtUninstallKB923191$ 2010-05-05 19:46:45 ----HDC---- C:\WINDOWS\$NtUninstallKB952287$ 2010-05-05 19:46:35 ----HDC---- C:\WINDOWS\$NtUninstallKB973354$ 2010-05-05 19:46:23 ----HDC---- C:\WINDOWS\$NtUninstallKB922582$ 2010-05-05 19:46:12 ----HDC---- C:\WINDOWS\$NtUninstallKB973904$ 2010-05-05 19:46:00 ----HDC---- C:\WINDOWS\$NtUninstallKB918118$ 2010-05-05 19:45:40 ----HDC---- C:\WINDOWS\$NtUninstallKB967715$ 2010-05-05 19:45:25 ----HDC---- C:\WINDOWS\$NtUninstallKB888302$ 2010-05-05 19:45:18 ----HDC---- C:\WINDOWS\$NtUninstallKB950760$ 2010-05-05 19:45:07 ----HDC---- C:\WINDOWS\$NtUninstallKB951066$ 2010-05-05 19:44:59 ----HDC---- C:\WINDOWS\$NtUninstallKB900725$ 2010-05-05 19:44:45 ----HDC---- C:\WINDOWS\$NtUninstallKB974392$ 2010-05-05 19:44:37 ----HDC---- C:\WINDOWS\$NtUninstallKB938127$ 2010-05-05 19:44:23 ----HDC---- C:\WINDOWS\$NtUninstallKB945553$ 
2010-05-05 19:44:14 ----HDC---- C:\WINDOWS\$NtUninstallKB886185$ 2010-05-05 19:44:05 ----HDC---- C:\WINDOWS\$NtUninstallKB916595$ 2010-05-05 19:43:52 ----HDC---- C:\WINDOWS\$NtUninstallKB930916$ 2010-05-05 19:42:58 ----HDC---- C:\WINDOWS\$NtUninstallKB977914$ 2010-05-05 19:42:46 ----HDC---- C:\WINDOWS\$NtUninstallKB951748$ 2010-05-05 19:42:35 ----HDC---- C:\WINDOWS\$NtUninstallKB971961$ 2010-05-05 19:42:22 ----HDC---- C:\WINDOWS\$NtUninstallKB973768$ 2010-05-05 19:42:10 ----HDC---- C:\WINDOWS\$NtUninstallKB970238$ 2010-05-05 19:41:58 ----HDC---- C:\WINDOWS\$NtUninstallKB950749$ 2010-05-05 19:41:42 ----HDC---- C:\WINDOWS\$NtUninstallKB979309_0$ 2010-05-05 19:41:34 ----HDC---- C:\WINDOWS\$NtUninstallKB978706$ 2010-05-05 19:41:24 ----HDC---- C:\WINDOWS\$NtUninstallKB958470$ 2010-05-05 19:41:13 ----HDC---- C:\WINDOWS\$NtUninstallKB960803$ 2010-05-05 19:41:02 ----HDC---- C:\WINDOWS\$NtUninstallKB973815$ 2010-05-05 19:40:52 ----HDC---- C:\WINDOWS\$NtUninstallKB908531$ 2010-05-05 19:40:38 ----HDC---- C:\WINDOWS\$NtUninstallKB971032$ 2010-05-05 19:40:24 ----HDC---- C:\WINDOWS\$NtUninstallKB905749$ 2010-05-05 19:40:14 ----HDC---- C:\WINDOWS\$NtUninstallKB958644$ 2010-05-05 19:40:06 ----HDC---- C:\WINDOWS\$NtUninstallKB913580$ 2010-05-05 19:39:54 ----HDC---- C:\WINDOWS\$NtUninstallKB955069$ 2010-05-05 19:39:45 ----HDC---- C:\WINDOWS\$NtUninstallKB956802$ 2010-05-05 19:39:18 ----HDC---- C:\WINDOWS\$NtUninstallKB943055$ 2010-05-05 19:39:04 ----HDC---- C:\WINDOWS\$NtUninstallKB979306$ 2010-05-05 19:38:55 ----HDC---- C:\WINDOWS\$NtUninstallKB953295$ 2010-05-05 19:38:33 ----HDC---- C:\WINDOWS\$NtUninstallKB920683$ 2010-05-05 19:38:24 ----HDC---- C:\WINDOWS\$NtUninstallKB953356$ 2010-05-05 19:38:16 ----HDC---- C:\WINDOWS\$NtUninstallKB914389$ 2010-05-05 19:38:07 ----HDC---- C:\WINDOWS\$NtUninstallKB944338-v2$ 2010-05-05 19:37:58 ----HDC---- C:\WINDOWS\$NtUninstallKB923561$ 2010-05-05 19:37:48 ----HDC---- C:\WINDOWS\$NtUninstallKB944653$ 2010-05-05 19:37:39 ----HDC---- 
C:\WINDOWS\$NtUninstallKB890859$ 2010-05-05 19:37:26 ----HDC---- C:\WINDOWS\$NtUninstallKB975467$ 2010-05-05 19:37:16 ----HDC---- C:\WINDOWS\$NtUninstallKB968389$ 2010-05-05 19:37:07 ----HDC---- C:\WINDOWS\$NtUninstallKB928843$ 2010-05-05 12:57:18 ----HDC---- C:\WINDOWS\$NtUninstallKB898461$ 2010-05-05 12:54:36 ----RASH---- C:\boot.ini 2010-05-05 12:54:23 ----A---- C:\WINDOWS\UPGRADE.TXT 2010-05-05 12:22:34 ----D---- C:\WINDOWS\I386 2010-05-05 12:20:20 ----RSD---- C:\WINDOWS\assembly 2010-05-05 12:20:20 ----RD---- C:\WINDOWS\Web 2010-05-05 12:20:20 ----RD---- C:\WINDOWS\Offline Web Pages 2010-05-05 04:35:06 ----AD---- C:\WINDOWS\system32\pcintro 2010-05-05 04:33:26 ----D---- C:\Documents and Settings 2010-05-05 04:32:09 ----D---- C:\WINDOWS\SoftwareDistribution 2010-05-05 04:31:46 ----RASH---- C:\BOOT.BAK 2010-05-05 04:30:21 ----A---- C:\WINDOWS\system.ini 2010-05-05 02:33:01 ----HDC---- C:\WINDOWS\$NtUninstallKB976098-v2$ 2010-05-05 02:11:32 ----SHD---- C:\WINDOWS\CSC 2010-05-03 12:46:46 ----HDC---- C:\WINDOWS\$NtUninstallKB932168$ 2010-05-03 07:37:59 ----HDC---- C:\WINDOWS\$NtUninstallKB951698_0$ 2010-05-02 19:30:18 ----HDC---- C:\WINDOWS\$NtUninstallKB959426_0$ 2010-05-02 17:51:16 ----HDC---- C:\WINDOWS\$NtUninstallKB887998$ 2010-05-02 04:04:45 ----D---- C:\Documents and Settings\All Users\Application Data\Kaspersky Lab 2010-05-02 02:23:40 ----D---- C:\Documents and Settings\All Users\Application Data\Nero 2010-05-02 02:11:48 ----HDC---- C:\WINDOWS\$NtUninstallKB978251$ 2010-05-02 02:11:46 ----HDC---- C:\WINDOWS\$NtUninstallKB977165-v2$ 2010-05-02 02:11:27 ----HDC---- C:\WINDOWS\$NtUninstallKB973687_1$ 2010-05-02 01:49:36 ----HDC---- C:\WINDOWS\$NtUninstallKB961373$ 2010-05-02 00:12:52 ----D---- C:\Program Files\ESET ======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R1 AmdK8;Pilote de processeur AMD; C:\WINDOWS\system32\DRIVERS\AmdK8.sys [2005-03-09 43008] R1 avgio;avgio; \??\C:\Program Files\Avira\AntiVir 
Desktop\avgio.sys [] R1 avipbb;avipbb; C:\WINDOWS\system32\DRIVERS\avipbb.sys [2009-03-30 96104] R1 SASDIFSV;SASDIFSV; \??\C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [] R1 SASKUTIL;SASKUTIL; \??\C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [] R1 ssmdrv;ssmdrv; C:\WINDOWS\system32\DRIVERS\ssmdrv.sys [2010-05-30 28520] R2 avgntflt;avgntflt; C:\WINDOWS\system32\DRIVERS\avgntflt.sys [2010-05-30 56816] R3 ALCXWDM;Service for Realtek AC97 Audio (WDM); C:\WINDOWS\system32\drivers\ALCXWDM.SYS [2005-08-30 3644928] R3 aracpi;aracpi; C:\WINDOWS\system32\DRIVERS\aracpi.sys [2005-08-03 22784] R3 arkbcfltr;Microsoft PS2 Keyboard Filter; C:\WINDOWS\system32\DRIVERS\arkbcfltr.sys [2005-08-03 5376] R3 armoucfltr;Microsoft PS2 Mouse Filter; C:\WINDOWS\system32\DRIVERS\armoucfltr.sys [2005-08-03 4992] R3 Arp1394;Protocole client ARP 1394; C:\WINDOWS\system32\DRIVERS\arp1394.sys [2008-04-13 60800] R3 ARPolicy;ARPolicy; C:\WINDOWS\system32\DRIVERS\arpolicy.sys [2005-08-03 10112] R3 NIC1394;Pilote réseau 1394; C:\WINDOWS\system32\DRIVERS\nic1394.sys [2008-04-13 61824] R3 nv;nv; C:\WINDOWS\system32\DRIVERS\nv4_mini.sys [2005-12-14 3580480] R3 Ps2;PS2; C:\WINDOWS\system32\DRIVERS\PS2.sys [2005-12-13 19072] R3 RTL8023xp;Realtek 10/100/1000 NIC Family all in one NDIS XP Driver; C:\WINDOWS\system32\DRIVERS\Rtnicxp.sys [2005-09-30 78720] R3 usbehci;Pilote miniport de contrôleur d'hôte amélioré Microsoft USB 2.0; C:\WINDOWS\system32\DRIVERS\usbehci.sys [2008-04-13 30208] R3 usbhub;Concentrateur USB2; C:\WINDOWS\system32\DRIVERS\usbhub.sys [2008-04-13 59520] R3 usbohci;Pilote miniport de contrôleur hôte ouvert USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbohci.sys [2008-04-13 17152] R3 usbstor;Pilote de stockage de masse USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-13 26368] S3 arhidfltr;MS Ar HID Filter Driver; C:\WINDOWS\system32\DRIVERS\arhidfltr.sys [2005-08-03 19200] S3 HPZid412;IEEE-1284.4 Driver HPZid412; C:\WINDOWS\system32\DRIVERS\HPZid412.sys [2005-03-08 51120] S3 
HPZipr12;Print Class Driver for IEEE-1284.4 HPZipr12; C:\WINDOWS\system32\DRIVERS\HPZipr12.sys [2005-03-08 16496] S3 HPZius12;USB to IEEE-1284.4 Translation Driver HPZius12; C:\WINDOWS\system32\DRIVERS\HPZius12.sys [2005-03-08 21744] S3 MHNDRV;Pilote MHN; C:\WINDOWS\system32\DRIVERS\mhndrv.sys [2004-08-10 11008] S3 rtl8139;Pilote NT de carte Realtek PCI Fast Ethernet à base RTL8139(A/B/C); C:\WINDOWS\system32\DRIVERS\RTL8139.SYS [2004-08-03 20992] S3 usbccgp;Pilote parent générique USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2008-04-13 32128] S3 usbprint;Classe d'imprimantes USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856] S3 usbscan;Pilote de scanneur USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2008-04-13 15104] S3 usbuhci;Pilote miniport de contrôleur hôte universel USB Microsoft; C:\WINDOWS\system32\DRIVERS\usbuhci.sys [2008-04-13 20608] S4 intelppm;Pilote de processeur Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40576] ======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)====== R2 AntiVirSchedulerService;Avira AntiVir Planificateur; C:\Program Files\Avira\AntiVir Desktop\sched.exe [2010-05-30 108289] R2 AntiVirService;Avira AntiVir Guard; C:\Program Files\Avira\AntiVir Desktop\avguard.exe [2010-05-30 185089] R2 ARSVC;ARSVC; C:\WINDOWS\arservice.exe [2005-08-03 58880] R2 ehRecvr;Media Center Receiver Service; C:\WINDOWS\eHome\ehRecvr.exe [2005-10-11 237568] R2 ehSched;Service de planification Media Center; C:\WINDOWS\eHome\ehSched.exe [2005-08-05 103424] R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-05-24 153376] R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files\Fichiers communs\LightScribe\LSSrvc.exe [2005-12-19 73728] R2 McrdSvc;Media Center Extender Service; C:\WINDOWS\ehome\mcrdsvc.exe [2005-08-05 99328] R2 Nero BackItUp Scheduler 3;Nero BackItUp Scheduler 3; C:\Program 
Files\Nero\Nero8\Nero BackItUp\NBService.exe [2008-06-08 877864] R2 NVSvc;NVIDIA Display Driver Service; C:\WINDOWS\system32\nvsvc32.exe [2005-12-14 143427] R2 PLFlash DeviceIoControl Service;PLFlash DeviceIoControl Service; C:\WINDOWS\system32\IoctlSvc.exe [2006-12-19 81920] R3 NMIndexingService;NMIndexingService; C:\Program Files\Fichiers communs\Nero\Lib\NMIndexingService.exe [2008-06-24 537896] S2 wbblpcae;AGP Bus k4964 Helper; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 aspnet_state;Service d'état ASP.NET; C:\WINDOWS\Microsoft.NET\Framework\v1.1.4322\aspnet_state.exe [2004-07-15 32768] S3 Fax;Fax; C:\WINDOWS\system32\fxssvc.exe [2008-04-14 268800] S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Fichiers communs\InstallShield\Driver\1050\Intel 32\IDriverT.exe [2004-10-22 73728] S3 MHN;MHN; C:\WINDOWS\System32\svchost.exe [2008-04-14 14336] S3 UMWdf;Windows User Mode Driver Framework; C:\WINDOWS\system32\wdfmgr.exe [2005-08-04 38912] -----------------EOF----------------- -
Hello, despite using Malwarebytes' Anti-Malware, SUPERAntiSpyware and an antivirus (AntiVir) in safe mode, I cannot eradicate a malicious program that redirects me to unsolicited ads and warns that viruses are present. Thank you for your help. Here is the HijackThis report: